Exploit Code Published for Remote Root Flaw in VMware Logging Software

  Rassegna Stampa, Security
image_pdfimage_print

Virtualization technology giant VMware on Monday warned that exploit code has been publicly released for a pre-authentication remote code execution flaw in its enterprise-facing VMware Aria Operations for Logs product.

In an update to a critical-level advisory originally released in April this year, VMware said it has confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches.

The vulnerability, which carries a CVSS severity score of 9.8 out of 10, allows an unauthenticated, malicious actor with network access to VMware Aria Operations to execute arbitrary code as root, VMware said in its documentation of the CVE-2023-20864 flaw.

VMware Aria Operations for Logs, (formerly vRealize Log Insight), is a centralized log management tool that promises operational visibility and analytics for troubleshooting and auditing data flowing through private, hybrid and multi-cloud environments.

VMware’s security troubles with the vRealize Logging product line are well known. The company has patched several high-severity issues in the past and confirmed the release of exploit code targeting known software bugs.

The VMWare vRealize product has also been featured in the CISA KEV (Known Exploited Vulnerabilities) must-patch catalog.

Related: VMware Patches Pre-Auth Code Execution Flaw

Advertisement. Scroll to continue reading.

Related: VMware Fixes VM Escape Flaw Exploited at Geekpwn

Related: VMware Confirms Exploit Code for Critical vRealize Flaws

Related: VMware Plugs High-Severity Bugs in vRealize Operations

https://www.securityweek.com/exploit-code-published-for-remote-root-flaw-in-vmware-logging-software/